Tsinghua University open source software mirror site: https://mirrors.tuna.tsinghua.edu.cn/

Linux users and user groups

The Linux operating system is a multi-user, multi-tasking time-sharing operating system. Any user who wants to use system resources must first apply to the system administrator (the root user) for an account and then log in to the system with that account. Accounts let the system administrator track users and control their access to system resources; they also help users organize their files and provide security protection for them.

Each user account has a unique user name and password. Note that the terms "user account" and "user name" can be understood as the same thing: the user name is the string that represents the user account. After entering the correct user name and password at login, the user can enter the system and their home directory.

User account management mainly covers the following tasks: adding, deleting and modifying user accounts; managing user passwords; and managing user groups.

A user group is a collection of users with the same characteristics. Sometimes we want several users to have the same permission, such as viewing, modifying or executing a command or a file. For this we need user groups: we put all of those users in the same group and then modify the permissions of the file or directory so that users in the group have a given permission and users outside the group do not. In this way, all users in the group have the same permissions on the file or directory. This is achieved by defining groups and changing the permissions on files.

For example, suppose we want some users to be able to view a document such as a schedule. The person who writes the schedule needs read and write permission, while the other users should be able to read its contents but not change them. We can put these users in one group and then modify the file permissions so that the group has read permission. Every user in the group can then read the file.
In principle, each user should belong to one or more user groups. Of course, it is also possible not to assign a user to a user group.

    groups eff_server    Displays the groups that the user eff_server belongs to
    whoami               Displays the current login user
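The schedule scenario above, as an added shell example that is not part of the original page: it models how the system selects exactly one permission class (owner, then group, then other) for a user. The function names and the uid/gid numbers are assumptions made for illustration; root's bypass and ACLs are not modelled.

```shell
#!/bin/sh
# Added example: which permission class applies to a user for a given file.
# All uid/gid numbers used here are constructed sample values.

# rwx_string BITS: prints a 3-bit permission value as text, e.g. 6 -> "rw-".
rwx_string() {
    bits=$1
    out=""
    if [ $((bits & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $((bits & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ $((bits & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    printf '%s\n' "$out"
}

# effective_access MODE FILE_UID FILE_GID USER_UID "USER_GIDS"
# Only the first matching class is used: owner, then group, then other.
effective_access() {
    mode=$((0$1)); fuid=$2; fgid=$3; uid=$4; gids=$5
    if [ "$uid" -eq "$fuid" ]; then
        rwx_string $(( (mode >> 6) & 7 )); return
    fi
    for g in $gids; do
        if [ "$g" -eq "$fgid" ]; then
            rwx_string $(( (mode >> 3) & 7 )); return
        fi
    done
    rwx_string $(( mode & 7 ))
}

# Schedule file: owner uid 1000 (the writer), group gid 2000 (the readers), mode 640.
echo "writer:       $(effective_access 640 1000 2000 1000 "1000")"
echo "group member: $(effective_access 640 1000 2000 1001 "1001 2000")"
echo "other user:   $(effective_access 640 1000 2000 1002 "1002")"
# Mode 604: the group class matches first, so a group member gets no access
# even though users outside the group can read the file.
echo "604, member:  $(effective_access 604 1000 2000 1001 "1001 2000")"
```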

Linux user account management

User account management involves adding, modifying, and deleting user accounts. Adding a user account means creating a new account in the system and allocating resources such as the user ID, user group, home directory, and login shell to it. A newly added account is locked and cannot be used. You must set a password for the user before the account can be used.

1. Add a new user

The command format is:

    useradd options username

Parameter description:

    -c comment       Specifies a comment.
    -d directory     Specifies the home directory of the user. If the home directory does not exist, use the -m option as well to create it.
    -g group         Specifies the user group to which the user belongs.
    -G group,group   Specifies the additional groups to which the user belongs.
    -s shell         Specifies the login shell of the user.
    -u UID           Specifies the user ID. If the -o option is also given, the ID of another user can be reused.

Example 1:

    # useradd -d /home/sam -m sam

This command creates the user sam. The -d and -m options generate the home directory /home/sam for the login name sam (/home is the default parent directory of user home directories).

Example 2:

    # useradd -s /bin/sh -g group -G adm,root gem

This command creates the new user gem. The login shell of this user is /bin/sh. The user belongs to the user group named group, which is the primary group, and to the additional groups adm and root.

2. Delete the user

If a user account is no longer used, it can be deleted from the system. Deleting a user account means removing the user's records from system files such as /etc/passwd and, if necessary, deleting the user's home directory.

To delete an existing user account, run the userdel command in the following format:

    userdel options username

The common option is -r, which also deletes the user's home directory.

Example:

    # userdel -r sam

This command deletes the records of user sam in system files such as /etc/passwd, /etc/shadow, and /etc/group, and also deletes the user's home directory.

3. Modify the user

Modifying a user means changing the user's attributes, such as the user ID, home directory, user group, and login shell.

To modify information about an existing user, run the usermod command in the following format:

    usermod options username

Options:

    -c <remarks>         Modifies the remarks of a user account.
    -d <login directory> Modifies the user's login directory.
    -e <validity period> Changes the validity period of the account.
    -f <buffer days>     Specifies the number of days after the password expires before the account is closed.
    -g <group>           Changes the group to which the user belongs. Once added to the new group, the user is no longer in the original group.
    -G <group>           Modifies the additional groups to which the user belongs; the user is added to the new group while remaining in the original group.
    -l <account name>    Changes the user account name.
    -L                   Locks the user password to make it invalid.
    -s <shell>           Changes the shell used by the user after login.
    -u <uid>             Changes the user ID.

In addition, some systems support the option:

    -l new_username

This option specifies a new account name, that is, the old user name is changed to the new user name.

Example:

    # usermod -s /bin/ksh -d /home/z -g developer sam

This command changes the login shell of user sam to ksh, the home directory to /home/z, and the user group to developer.

More examples:

Add newuser2 to the staff group:

    usermod -g staff newuser2

Change the user name newuser to newuser1:

    usermod -l newuser1 newuser

Lock the account newuser1:

    usermod -L newuser1

Unlock newuser1:

    usermod -U newuser1

4. User password management

An important part of user management is the management of user passwords. When a user account is created, it does not have a password; it is locked by the system and cannot be used. The account can be used only after a password has been specified, even if an empty password is specified.

The shell command for specifying and changing user passwords is passwd. Superusers can specify passwords for themselves and for other users, while ordinary users can only change their own passwords.

The command format is as follows:

    passwd options username

Available options:

    -l    Locks the password, that is, disables the account.
    -u    Unlocks the password.
    -d    Makes the account have no password.
    -f    Forces the user to change the password at the next login.

If the user name is omitted, the password of the current user is changed.

<1> For example, if the current user is sam, run the following command to change the user's own password:

    $ passwd
    Old password:******
    New password:*******
    Re-enter new password:*******

<2> If you are a superuser, you can specify the password of any user in the following format:

    # passwd sam
    New password:*******
    Re-enter new password:*******

When an ordinary user changes their own password, the passwd command first asks for the old password and then asks the user to enter the new password twice. If the two entries are the same, the password is assigned to the user. When a superuser assigns a password to a user, the original password is not needed.

To specify an empty password for a user, run the following command:

    # passwd -d sam

This command deletes the password of user sam. In this way, the system will not allow the user to log in to the system the next time the user sam logs in.

The passwd command can also lock a user with the -l (lock) option, for example:

    # passwd -l sam
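An added audit example (not from the original page) for the account states that the commands above can create: accounts sharing a UID (useradd -o -u), empty password fields (passwd -d) and locked passwords (passwd -l, usermod -L). The function names and the sample passwd/shadow entries are constructed, and it assumes the usual shadow format in which a locked password field starts with "!".

```shell
#!/bin/sh
# Added example: audit passwd- and shadow-format files for risky account states.
# Function names and sample entries are constructed for illustration.

# Accounts sharing a UID (what useradd -o -u permits): prints "uid:name1,name2".
duplicate_uids() {
    awk -F: '{ names[$3] = (n[$3]++ ? names[$3] "," : "") $1 }
             END { for (u in n) if (n[u] > 1) print u ":" names[u] }' "$1" | sort
}

# Accounts whose shadow password field is empty (the state passwd -d leaves).
empty_passwords() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Accounts whose password field starts with "!" (passwd -l, usermod -L,
# or a new account that never had a password set).
locked_accounts() {
    awk -F: '$2 ~ /^!/ { print $1 }' "$1"
}

# Constructed sample data; for a real audit pass /etc/passwd and /etc/shadow (as root).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
sam:x:1001:1001::/home/sam:/bin/sh
gem:x:1002:1002::/home/gem:/bin/sh
toor:x:0:0::/root:/bin/sh
EOF
cat > "$SAMPLE_DIR/shadow" <<'EOF'
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
sam::19000:0:99999:7:::
gem:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
toor:!:19000:0:99999:7:::
EOF

echo "Shared UIDs:     $(duplicate_uids "$SAMPLE_DIR/passwd")"
echo "Empty passwords: $(empty_passwords "$SAMPLE_DIR/shadow")"
echo "Locked accounts: $(locked_accounts "$SAMPLE_DIR/shadow" | tr '\n' ' ')"
```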

2. Linux system user group management

Each user has a user group. The system can manage all users in a user group in a centralized manner. When you create a user name, the system automatically creates a user group with the same name. User group management involves adding, deleting, and modifying user groups. The addition, deletion, and modification of groups are essentially updates to the /etc/group file.

1. Add a new user group

The format is as follows:

    groupadd options group

The available options are as follows:

    -g GID    Specifies the group ID (GID) of the new user group.
    -o        Used together with -g; the GID of the new user group can be the same as that of an existing user group in the system.

Example 1:

    # groupadd group1

This command adds a new group, group1, to the system.

Example 2:

    # groupadd -g 101 group2

This command adds a new group, group2, to the system and sets the group ID of the new group to 101.

2. Delete an existing user group

The format is as follows:

    groupdel group

Example:

    # groupdel group1

This command deletes group1 from the system.

3. Modify the attributes of the user group

The syntax is as follows:

    groupmod options group

Common options are as follows:

    -g GID    Specifies a new group ID for the user group.
    -o        Can be used together with -g; the new GID of the user group can be the same as that of an existing user group.

Example 1:

    # groupmod -g 102 group2

This command changes the group ID of group2 to 102.

Example 2:

    # groupmod -g 10000 -n group3 group2

This command changes the group ID of group2 to 10000 and the group name to group3.

4. If a user belongs to multiple user groups, the user can switch between user groups to have the rights of other user groups.

After login, you can run the newgrp command to switch to another user group. The parameter of this command is the destination user group. For example:

    $ newgrp root

This command switches the current user to the root user group, provided that the root user group is indeed the primary group or an additional group of the user.

As with user accounts, user groups can also be managed with integrated system management tools.